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IMAP Access to IETF Email List Archives 
Abstract 


The IETF makes heavy use of email lists to conduct its work. This 
often involves accessing the archived history of those email lists. 
Participants would like to have the ability to browse and search 
those archives using standard IMAP clients. This memo captures the 
requirements for providing a service that would allow such browsing 
and searching, and it is intended as input to a later activity for 
the design and development of such a service. 


Status of This Memo 


This document is not an Internet Standards Track specification; it is 
published for informational purposes. 


This document is a product of the Internet Engineering Task Force 


(IETF). It represents the consensus of the IETF community. It has 
received public review and has been approved for publication by the 
Internet Engineering Steering Group (IESG). Not all documents 


approved by the IESG are a candidate for any level of Internet 
Standard; see Section 2 of RFC 5741. 


Information about the current status of this document, any errata, 
and how to provide feedback on it may be obtained at 
http://www.rfc-editor.org/info/rfc7017. 


Copyright Notice 


Copyright (c) 2013 IETF Trust and the persons identified as the 
document authors. All rights reserved. 


This document is subject to BCP 78 and the IETF Trust’s Legal 
Provisions Relating to IETF Documents 
(http://trustee.ietf.org/license-info) in effect on the date of 
publication of this document. Please review these documents 
carefully, as they describe your rights and restrictions with respect 
to this document. Code Components extracted from this document must 
include Simplified BSD License text as described in Section 4.e of 
the Trust Legal Provisions and are provided without warranty as 
described in the Simplified BSD License. 
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1. Introduction 

The IETF makes heavy use of email lists to conduct its work. This 
often involves accessing the archived history of those email lists. 
Requirements for improved web-based browsing and searching of these 
archives are captured in [RFC6778]. Participants would like to have 
the ability to browse and search those archives using standard IMAP 
clients. This memo captures the requirements for providing a service 


that would allow such browsing and searching, and it is intended as 
input to a later activity for the design and development of such a 
service. 


2. Requirements for IMAP Access to Archived IETF Lists 


Many participants would prefer to access the list archives using IMAP 


[RFC3501]. Providing this access while meeting the following 
requirements will likely require an IMAP server with specialized 
capabilities. 


o The system should expose the archive using an IMAP interface, with 
each list represented as a mailbox. 


o This interface must work with standard IMAP clients. 


o The interface should allow users that have provided credentials to 
each have their own read/unread marks for messages. Allowing 
other annotation is desirable. The implementation should consider 
taking advantage of the IMAP extensions for ANNOTATE [RFC5257] and 
METADATA [RFC5464]. 


o It must be possible for administrators to set per-user storage 
quotas, limiting the space a user can consume with annotations. 


o The interface must not allow users to modify the underlying 
message or metadata other than the read/unread marks and 


annotations described above. Specifically, users must not be able 
to delete or insert messages, or move them between mailboxes in 
the archive. (Clients will, of course, be able to make local 


copies of messages from the archive.) 
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3's 


o The interface must have server-side searching enabled and should 
scale to support multiple simultaneous extensive searches. The 
server should provide the enhanced search capabilities described 
in [RFC6778]. The implementation should consider taking advantage 
of the extensions defined for IMAP SORT and THREAD [RFC5256], 
multimailbox search [RFC6237], and fuzzy search [RFC6203]. 


o When the system requires credentials, it must use the 
datatracker’s authentication system. 


- While the vast majority of archived lists have an open 
access policy, some archived lists have restricted archives. 
The system must make it possible to limit access to a 
restricted archive based on login credentials. 


- The system must allow access to open archives with or 
without providing credentials. Specifically, the system 
will allow anonymous access using the Simple Authentication 
and Security Layer (SASL) ANONYMOUS mechanism [RFC4505] ora 
LOGIN command with a special username (such as "anonymous") 
determined by the administrator. 


Internationalized Address Considerations 


The implementation should anticipate internationalized email 
addresses as discussed in the following three documents: [RFC6532], 
[RFC6531], and [RFC6855]. There is no firm requirement at this time. 


Security Considerations 


Allowing IMAP as an interface for browsing and searching the archives 
of IETF email lists does not affect the security of the Internet in 
any significant fashion. 


Searching can be input/output (I/O) and CPU intensive. Clients that 
make local copies of all messages in a mailbox can also present an 
I/O burden, particularly when synchronizing for the first time. The 
implementors of this interface should consider the potential for 
maliciously crafted searches attempting to consume a damaging amount 
of resources. The implementors should consider the potential for 
denial-of-service attacks through making many connections to the 
interface. The implementors should consider ways to rate limit I/O 
due to making local copies of messages. 
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Storing read/unread marks and other annotations requires potentially 


unbounded storage space. The implementors of this interface should 
consider the potential for maliciously crafted annotations attempting 
to consume a damaging amount of storage space. The implementors 


should consider making it easy to alert the administrator when a user 
begins consuming exceptional amounts of space. 
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